import CS git libarchive-3.3.3-7.el8_10

2026-04-16 15:16:39 -04:00 · 2026-04-16 15:16:39 -04:00 · 502e491a2b
commit 502e491a2b
parent aa81764252
3 changed files with 1294 additions and 2 deletions
--- a/SOURCES/libarchive-3.3.3-Fix-CVE-2026-4424.patch
+++ b/SOURCES/libarchive-3.3.3-Fix-CVE-2026-4424.patch
@ -0,0 +1,23 @@
+# This patch originally consisted of 3 hunks on the upstream:
+# https://github.com/libarchive/libarchive/pull/2898/changes/e1907c5832b6489c7b4198b0825f857c93a03c10
+# https://github.com/libarchive/libarchive/pull/2898/changes/d379dc0b2976b7207d1ad78f5ed3eb99a5b6d375
+# but only the first hunk needs to be backported since the
+# logic fix the second hunk provides does not need to be added
+# as the logic is still correct in the current version of libarchive (3.3.3)
+# thus the vulnerability in the code does not yet exist
+#
+# the third hunk of the patch is not needed either as the part of
+# the code which contains the vulnerability is not yet present in this version (3.3.3)
+diff -Naur libarchive-3.3.3/libarchive/archive_read_support_format_rar.c libarchive-3.3.3_patched/libarchive/archive_read_support_format_rar.c
+--- libarchive-3.3.3/libarchive/archive_read_support_format_rar.c	2018-09-02 08:05:18.000000000 +0200
+++ libarchive-3.3.3_patched/libarchive/archive_read_support_format_rar.c	2026-04-09 08:54:50.569789984 +0200
+@@ -2288,7 +2288,8 @@
+       return (r);
+   }
+ 
+-  if (!rar->dictionary_size || !rar->lzss.window)
+  if (!rar->dictionary_size || !rar->lzss.window ||
+      (unsigned int)(rar->lzss.mask + 1) < rar->dictionary_size)
+   {
+     /* Seems as though dictionary sizes are not used. Even so, minimize
+      * memory usage as much as possible.
--- a/SOURCES/libarchive-3.3.3-Fix-CVE-2026-5121.patch
+++ b/SOURCES/libarchive-3.3.3-Fix-CVE-2026-5121.patch
--- a/SPECS/libarchive.spec
+++ b/SPECS/libarchive.spec
@ -2,7 +2,7 @@

 Name:           libarchive
 Version:        3.3.3
-Release:        6%{?dist}
+Release:        7%{?dist}
 Summary:        A library for handling streaming archive formats

 License:        BSD
@ -27,7 +27,11 @@ Patch12:	%{name}-3.3.3-Fix-size-filed-in-pax-header.patch
 Patch13:	%{name}-3.3.3-Fix-CVE-2022-36227.patch
 Patch14:	%{name}-3.3.3-Fix-CVE-2025-5914.patch
 Patch15:	%{name}-3.3.3-skip-compression-level-1-check-on-s390x.patch
-
+# Source: https://github.com/libarchive/libarchive/pull/2898/changes/d379dc0b2976b7207d1ad78f5ed3eb99a5b6d375
+# and: https://github.com/libarchive/libarchive/pull/2898/changes/e1907c5832b6489c7b4198b0825f857c93a03c10
+Patch16:    %{name}-3.3.3-Fix-CVE-2026-4424.patch
+# Source: https://github.com/libarchive/libarchive/pull/2934/changes/889a228b71f2b1fab8dc5610f6c43ac0e9b92160
+Patch17:    %{name}-3.3.3-Fix-CVE-2026-5121.patch

 BuildRequires:  gcc
 BuildRequires:  bison
@ -234,6 +238,10 @@ run_testsuite


 %changelog
+* Wed Apr 08 2026 Pavol Sloboda <psloboda@redhat.com> - 3.3.3-7
+- Resolves: CVE-2026-4424
+- Resolves: CVE-2026-5121
+
 * Wed Aug 13 2025 Lukas Javorsky <ljavorsk@redhat.com> - 3.3.3-6
 - Resolves: CVE-2025-5914
 - Skip compression-level=1 size check on s390x.